Subject: Update of "opera6" package (was: CVS commit: pkgsrc/www/opera6)
To: None <pkgsrc-changes@netbsd.org>
From: Matthias Scheler <tron@zhadum.de>
List: pkgsrc-changes
Date: 05/28/2002 17:43:04
In article <20020528152700.B0BBCB004@cvs.netbsd.org>,
	Matthias Scheler <tron@netbsd.org> writes:
> Module Name:	pkgsrc
> Committed By:	tron
> Date:		Tue May 28 15:26:59 UTC 2002
> 
> Modified Files:
> 	pkgsrc/www/opera6: Makefile distinfo
> 
> Log Message:
> Update "opera" package to version 6.01. This update fixes a security hole
> in the handling of the '<input type="file">' tag which could be used to
> transfer files from the local host without the user noticing.

Just for the records:
It turned out that version 6.0 for Linux is *not* vulnerable. The first
news article I read was not very clear about this. Here is the correct
information:

http://online.securityfocus.com/news/439

	Sorry for the confusion

-- 
Matthias Scheler                                  http://scheler.de/~matthias/